🚨 $292 million stolen. And DeFi is still bleeding.
An attacker just drained Kelp DAO's bridge — 116,500 rsETH gone. Roughly 18% of the token's entire circulating supply. Wiped in one exploit.
But here's what makes this truly scary 👇
The attacker didn't stop there. They used the stolen rsETH as collateral on Aave to borrow more ETH — leaving Aave holding bad debt. $AAVE dropped 16% and $6.6 billion in deposits fled the protocol overnight.
One hack. Multiple protocols destroyed.
This is now the biggest DeFi exploit of 2026 — beating the $285M Drift hack from April 1st, which was itself linked to North Korea.
Two record-breaking hacks in 20 days. Let that sink in.
This isn't just bad luck. DeFi's cross-chain bridge infrastructure is the weakest link — and hackers know it better than developers do.
Before you ape into any DeFi protocol, ask yourself:
— Has it been audited recently?
— Does it use cross-chain bridges?
— Can one exploit drain 20 chains at once?
If you can't answer those questions, you're not investing. You're gambling.